[1.1.X] Fixed #15284 - improved example jQuery code for adding X-CSRF-Token
Using the ajaxSend event is better than beforeSend, because the beforeSend
callback can have only one value, which makes it painful if it is needed by
multiple bits of javascript.
Thanks to LukeMaurer for report and initial patch.
Backport of [15515] from trunk.
This is backported to 1.1.X because it really belongs with security patch [15466]

[1.1.X] [1.2.X] Fixed #15253 -- Added 1.1.3 release notes, and added sections to the 1.2.4 and 1.3 release notes about the December security announcement.
Backport of r15485 from trunk.
Backport of r15486 from trunk.

[1.1.X] Fixed #15103 - SuspiciousOperation with limit_choices_to and raw_id_fields
Thanks to natrius for the report.
This patch also fixes some unicode bugs in affected code.
Backport of [15347] from trunk. Backported to 1.1.X because this was
a regression caused by a security fix backported to 1.1.X.

[1.1.X] Fixed #13514 -- Corrected the process of loading multiple javascript translation catalogs. Thanks to jtiai for the report, to Ramiro Morales for working out the test case, and to Ramiro and Jannis for their help on the fix.
Backport of r13250 from trunk.

[1.1.X] Fixed #12001 -- Modified the example of form validation to use the form's error class, rather than assuming ErrorList. Thanks to Suor for the report, and timo for the patch.
Backport of r13221 from trunk.

[1.1.X] Fixed #13002 -- Corrected description of the default form base class in InlineModelAdmin classes. Thanks to stijn@typograaf.be for the report, and timo for the patch.
Backport of r13209 from trunk.

[1.1.X] Fixed #12892 - Fixed unicode related bug in a utility function of the admindocs app that prevented it to be used in non-English environments together with certain versions of docutils.
Backport from trunk, r13192

[1.1.X] Fixed #13317 - Clarified documentation about how the blocktrans and trans template tags work with regard to variables. Thanks for the initial patch, Ramiro Morales.
Backport from trunk, r13184.

[1.1.X] Fixed #13051 -- Corrected the documentation of URL namespacing to match the tested implementation behavior. Thanks to apollo13 for the report, and Gabriel Hurley for the patch.
Backport of r13161 from trunk.

[1.1.X] Fixed #13417 -- Clarified the use of the djangojs domain for translation. Thanks to stephaner for the report and initial patch, and Ramiro Morales for his additional markup.
Backport of r13147 from trunk.

[1.1.X] Added hyperlinks for builtin template tags and filters to code samples in docs.
Implemented in javascript because doing it 'properly' is pretty much impossible with Sphinx and Pygments.
Refs #12249
Backport of [13135] from trunk

[1.1.X] Fixed #13464 -- Reworked module_has_submodule to break the requirement for loader and finder to be the same class. Thanks to Alex Gaynor for the report and patch, and Brett Cannon for suggesting the approach.
Backport of r13082 from trunk.

[1.1.X] Fixed #11764 -- Added a missing set of parentheses in a call calculating the select_related tables. Thanks to aurelio for the report and original patch, and wogan for the updated patch.
Backport of r13019 from trunk.

[1.1.X] Fixed #13389 -- Ensured that the app_loading test clears out the app cache at the end of each test, so that it doesn't interact badly with flush and other introspected database commands. Thanks to Karen for the report, and Ramiro Morales for the debugging hints.
Backport of r13011 from trunk.

[1.1.X] Fixed #13348: Restored ability to load models from apps in eggs. Thanks Ramiro and metzen for pointers on how to find out if a module loaded from an egg has a particular submodule.
r12982 from trunk.

[1.1.X] Fixed #13184 -- Document the requirement that custom model fields using SubfieldBase should probably implement formfield. Thanks to Mark L. for the report, and to Joseph and Honza for the guidance on the solution.
Backport of r12979 from trunk.

[1.1.X] Fixed #13332 -- Corrected the cleanup code in the test client to avoid a refcounting problem with signal handlers. This is a fix for the benefit of PyPy's hybrid GC. Thanks to Alex Gaynor for the report and patch.
Backport of r12964 from trunk.

Fixed #11957 -- exceptions in admin.py are no longer hidden after second request
Before you had to restart runserver for the correct exception message to show
up again. Reverts fix in r9680 which has this side-affect.
Thanks to jarrow, carljm and ramiro for their work on the patch and tickets.
Backport of r12956 from trunk.

[1.1.X] Fixed #11711 -- clarified that ValuesQuerySets are not lists per se.
It rarely hurts to think of the returned result from a values() or
values_list() call as a list, but it's really an iterable and sometimes
the difference matters.
r12743 from trunk.

Fixed test failure that was occurring since r12909
The tests were relying on being able to do
ManyToManyField("NameOfThisModel") instead of the only documented method for
recursive relationships, namely ManyToManyField("self"). The former stopped
working when the fix in r12909 was applied.
Backport of r12932 from trunk

[1.1.X] Fixed #11949 -- Added a hook to allow ModelAdmin customization of the delete selected template. Thanks to bendavis78 for the report and patch, and Ramiro Morales for his cleanup work.
Backport of r12916 from trunk.

[1.1.X] Fixed #12328 -- Corrected the handling of subqueries with ordering and slicing, especially when used in delete subqueries. Thanks to Walter Doekes for the report.
This fixes a feature that isn't available under MySQL and Oracle (Refs #10099).
Backport of r12912 from trunk.

[1.1.X] Fixed #12247 -- Corrected the way update queries are processed when the update only refers to attributes on a base class. Thanks to jsmullyan for the report, and matiasb for the fix.
Backport of r12910 from trunk.

[1.1.X] Fixed #11956 -- Modified the handling of m2m relationships between subclasses. Thanks to nidi for the report, and astoneman for the suggestion on how to fix the problem.
Backport of r12908 from trunk.

[1.1.X] Fixed #13259 -- Ensure that multiple calls to message() don't corrupt any extra message headers. Thanks to canburak for the report, and Andi Albrecht for the fix.
Backport of r12901 from trunk.

[1.1.X] Fixed #11916 -- Corrected handling of aggregation when there is a subquery provided in an extra(select=) clause. Thanks to jaklaassen@gmail.com for the report, and to tobias, paluh, Karen Tracey and Ian Kelly for their work on the fix.
Backport of r12896 from trunk.

[1.1.X] Fixed #13103 -- A bit of re-organization to the custom template `ModelAdmin` options documentation section to remove some duplication and fix some confusing wording.
Backport of r12868 from trunk.

[1.1.X] Fixed #12612 -- Corrected handling of parameter formatting in SQLite backend so that executemany raises exceptions when bad parameter counts are provided. Thanks to Niels <niels@pythonheads.nl> for the report, and Gabriel Hurley for the help narrowing down the problem.
Backport of r12836 from trunk.

[1.1.X] Fixed #12822: Don't copy the _aggregate_select_cache when cloning a query set,
as that can lead to incorrect SQL being generated for the query. Thanks to mat
for the report and test, tobias for the fix, and Alex for review.
r12830 from trunk.

[1.1.X] Fixed #12339 -- Made content type deletion an interactive process to prevent accidentally cascade deleting content from a production database. Thanks to kcarnold for the report and patch.
Backport of r12782 from trunk.

[1.1.X] Fixed #11801 -- Corrected form validation to ensure you can still get deleted_forms and ordered_forms when a form that is being deleted doesn't validate. Thanks to dantallis for the report and patch.
Backport of r12771 from trunk.

[1.1.X] Fixed #11900 -- Corrected an edge case of transaction handling in the commit_on_success decorator. Thanks to guettli for the report, and Gabriel Hurley for the initial test case.
Backport of r12764 from trunk.

[1.1.X] Fixed #13093 -- Updated some decorators and the decorator_from_middleware function to allow callable classes to be decorated. Thanks to Brian Neal for the report.
Backport of r12762 from trunk.

[1.1.X] Fixed #12024: Changed admin code to avoid raising an exception when a field listed
in raw_id_fields has limit_choices_to specified as a Q object.
Tweaked a test to trigger the condition and verify the fix.
Finally, documented that limit_choices_to specified as a Q object has no effect
on the choices available for fields listed in raw_id_fields, and removed another
incorrect note that claimed limit_choices_to had no effect on inlines in the admin.
r12728 from trunk.

[1.1.X] Fixed #11461: Ensured complete traceback is available on the debug page when an exception is encountered during template rendering, even when running on Python 2.6 or higher. Thanks Glenn.
r12725 and r12726 from trunk.

[1.1.X] Fixed #12811 -- Modified Tutorial 2 to indicate that the templating language will be covered later. Thanks to bac for the suggestion, and Gabriel Hurley for the draft text.
Backport of r12710 from trunk.

[1.1.X] Fixed #12151: Ensured the comments code does not cause a server error when a request comes in for a comment specifying an invalid primary key value. Thanks thejaswi_puthraya.
r12681 from trunk.

[1.1.X] Fixed #12898: Reverted a change that assumed the file system encoding was utf8, and changed a test to demonstrate how that assumption corrupted uploaded non-ASCII file names on systems that don't use utf8 as their file system encoding (Windows for one, specifically). Thanks for the report to vrehak.
r12661 from trunk.

[1.1.X] Fixed #11710: Made a small test change to ensure utf-8 bytestrings in verbose_names don't cause a server error when the admin change log message is built. The necessary code fix was made for #12966 in r12627. Thanks Rupe.
r12650 from trunk.

[1.1.X] Fixed #11012: don't needless convert cache values to unicode.
This means you can now successfully store binary blogs, such as compressed data,
in the cache.
Thanks to Matt Croydon for the final patch.
Backport of [12637] from trunk.

[1.1.X] Fixed #11457: tightened the security check for "next" redirects after logins.
The new behavior still disallows redirects to off-site URLs, but now allows
redirects of the form `/some/other/view?foo=http://...`.
Thanks to brutasse.
Backport of [12635] from trunk.

[1.1.X] Fixed #6191, #11296 -- Modified the admin deletion confirmation page to use the same object collection scheme as the actual deletion. This ensures that all objects that may be deleted are actually deleted, and that cyclic display problems are avoided. Thanks to carljm for the patch.
Backport of r12598 from trunk.

[1.1.X] Fixed #11226 -- Corrected an validation edge case with m2m relations between two models with the same class name. Thanks to pkoch for the report, and to Ramiro Morales for the patch.
Backport of r12489 from trunk.